Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/l7t2iScMgw_Vqqdey3zojLvCFAo.roa
File: l7t2iScMgw_Vqqdey3zojLvCFAo.roa (raw, json)
Hash identifier: GElb5qawLmwlWjlnnhanimj+W7edI5MOyhH1UzXbSog=
Subject key identifier: 97:BB:76:89:27:0C:83:0F:D5:AA:A7:5E:CB:7C:E8:8C:BB:C2:14:0A
Certificate issuer: /CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Certificate serial: 01942143A1AEDE62C6962096306C71BF90B7
Authority key identifier: AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/l7t2iScMgw_Vqqdey3zojLvCFAo.roa
Signing time: Wed 01 Jan 2025 09:47:47 +0000
ROA not before: Wed 01 Jan 2025 09:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209036
IP address blocks: 45.9.221.0/24 maxlen: 24
45.9.222.0/24 maxlen: 24
45.9.223.0/24 maxlen: 24
2a0e:1500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:a1:ae:de:62:c6:96:20:96:30:6c:71:bf:90:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Validity
Not Before: Jan 1 09:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97bb7689270c830fd5aaa75ecb7ce88cbbc2140a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5f:06:63:77:e2:96:d6:2e:79:14:b8:e8:33:
f3:0f:9a:23:0c:51:10:fc:77:01:c2:53:fe:f0:aa:
03:8b:46:d4:2d:86:f0:a2:29:89:e3:fc:86:fc:51:
b9:aa:c0:0e:12:4d:11:90:e4:12:e9:53:ad:66:d3:
ff:0b:31:c6:45:7a:f5:48:b4:28:4f:23:a9:f3:ff:
40:31:86:5d:3a:c2:89:6c:06:d4:90:5e:6b:aa:2f:
ef:d6:5e:7e:98:03:e6:b0:81:59:4d:71:51:9b:51:
fb:77:d2:81:c9:53:97:a3:1d:ad:48:6d:80:99:63:
4b:a8:da:54:21:86:ec:cc:21:95:d8:3b:23:c6:80:
68:9c:fb:af:80:da:cb:c8:16:7c:a3:df:66:5c:71:
e7:d6:f2:43:af:1a:c7:49:61:27:b8:72:bc:25:f7:
df:11:30:9c:db:ac:58:1f:da:7d:7d:0e:68:32:e9:
2d:da:73:f8:aa:0a:85:ab:ad:eb:d8:64:24:73:ad:
90:c5:0e:63:18:6a:73:fe:00:60:f3:e7:2c:f0:0e:
d2:49:a0:5a:27:80:c4:d6:2b:2b:84:b5:63:b9:0e:
0c:49:4e:e5:5a:0b:96:d7:20:33:b2:86:ee:78:4c:
ac:6c:ff:bd:e7:56:2f:c8:29:8a:3f:b2:40:1e:ff:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BB:76:89:27:0C:83:0F:D5:AA:A7:5E:CB:7C:E8:8C:BB:C2:14:0A
X509v3 Authority Key Identifier:
keyid:AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/l7t2iScMgw_Vqqdey3zojLvCFAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/rdbXV2zSgkXGefmvNXXANbiiLJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.221.0-45.9.223.255
IPv6:
2a0e:1500::/29
Signature Algorithm: sha256WithRSAEncryption
26:11:4f:a5:b2:4f:81:b0:43:1e:56:78:f7:6f:7f:fa:1f:05:
98:f4:cf:03:1c:4c:f3:bb:05:e9:14:95:7c:fb:26:96:f9:96:
e9:58:28:e9:8e:33:40:8e:59:02:06:4b:f9:27:c9:77:c8:45:
88:7f:97:b9:9b:c2:a4:8c:be:38:d2:3c:c6:c1:89:2f:30:1d:
cc:3b:b0:21:1b:3e:e7:b2:c0:a3:9d:35:77:b5:c4:4e:51:b3:
93:84:05:74:f1:a0:ab:01:83:2f:74:bd:0b:1a:37:79:61:c7:
43:0b:34:56:5e:82:36:d3:5c:02:5a:6b:8d:f8:94:65:a9:b3:
6f:6b:da:54:9d:c7:23:eb:b2:f8:24:0b:fa:07:de:91:d3:9d:
fc:12:99:2a:fb:6f:5c:2c:86:ac:b4:4f:aa:17:5d:27:60:4e:
c7:47:d7:19:25:b1:fa:f8:6e:0d:f0:1a:e0:1a:e0:65:cc:39:
3d:d1:e7:16:cc:63:71:58:49:7f:45:46:64:d4:f6:4f:81:99:
d2:32:6c:0d:fc:aa:ce:28:a2:a6:9d:fd:c4:ec:37:0e:26:14:
bc:84:3e:1f:7d:2f:ea:b5:e0:78:f7:83:87:50:e2:57:41:d5:
61:0f:f3:9f:f1:23:29:57:3f:4e:a1:80:e7:22:23:08:41:98:
5d:a6:fc:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhQ6Gu3mLGliCWMGxxv5C3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDZkNzU3NmNkMjgyNDVjNjc5ZjlhZjM1NzVjMDM1Yjhh
MjJjOWUwHhcNMjUwMTAxMDk0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JiNzY4OTI3MGM4MzBmZDVhYWE3NWVjYjdjZTg4Y2JiYzIxNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV8GY3filtYueRS46DPzD5ojDFEQ
/HcBwlP+8KoDi0bULYbwoimJ4/yG/FG5qsAOEk0RkOQS6VOtZtP/CzHGRXr1SLQo
TyOp8/9AMYZdOsKJbAbUkF5rqi/v1l5+mAPmsIFZTXFRm1H7d9KByVOXox2tSG2A
mWNLqNpUIYbszCGV2DsjxoBonPuvgNrLyBZ8o99mXHHn1vJDrxrHSWEnuHK8Jfff
ETCc26xYH9p9fQ5oMukt2nP4qgqFq63r2GQkc62QxQ5jGGpz/gBg8+cs8A7SSaBa
J4DE1isrhLVjuQ4MSU7lWguW1yAzsobueEysbP+951YvyCmKP7JAHv80xwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJe7doknDIMP1aqnXst86Iy7whQKMB8GA1UdIwQY
MBaAFK3W11ds0oJFxnn5rzV1wDW4oiyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDIt
ZGRiMDQ4NGE2ZGEyLzEvbDd0MmlTY01nd19WcXFkZXkzem9qTHZDRkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDItZGRiMDQ4NGE2ZGEy
LzEvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAtCd0D
BAUtCcAwDQQCAAIwBwMFAyoOFQAwDQYJKoZIhvcNAQELBQADggEBACYRT6WyT4Gw
Qx5WePdvf/ofBZj0zwMcTPO7BekUlXz7Jpb5lulYKOmOM0COWQIGS/knyXfIRYh/
l7mbwqSMvjjSPMbBiS8wHcw7sCEbPueywKOdNXe1xE5Rs5OEBXTxoKsBgy90vQsa
N3lhx0MLNFZegjbTXAJaa434lGWps29r2lSdxyPrsvgkC/oH3pHTnfwSmSr7b1ws
hqy0T6oXXSdgTsdH1xklsfr4bg3wGuAa4GXMOT3R5xbMY3FYSX9FRmTU9k+BmdIy
bA38qs4ooqad/cTsNw4mFLyEPh99L+q14Hj3g4dQ4ldB1WEP85/xIylXP06hgOci
IwhBmF2m/MU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net